Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-346

CWE-346

Origin Validation Error

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not properly verify that the source of data or communication is valid.

556 vulnerabilities with CWE-346

CVE-2023-47194 HIGH

Trend Micro Apex One < 14.0.12737 - Privilege Escalation via Origin Validation Error

CVE-2023-47193 HIGH

Trend Micro Apex One < 14.0.12737 - Privilege Escalation via Origin Validation Error

CVE-2023-20275 MEDIUM

Cisco ASA/FTD - Privilege Escalation

CVE-2023-49805 MEDIUM

Uptime Kuma < 1.23.9 - Origin Validation Error in WebSocket Connection

CVE-2023-49803 HIGH

@koa/cors < 5.0.0 - Origin Validation Error via Missing Allowed Origin Check

CVE-2023-28794 MEDIUM

Zscaler Client Connector <1.3.1.6 - Privilege Escalation

CVE-2023-5859 MEDIUM

Google Chrome < 119.0.6045.105 - Domain Spoofing via Picture In Picture Security UI

CVE-2023-5858 MEDIUM

Google Chrome < 119.0.6045.105 - Security UI Obfuscation via WebApp Provider

CVE-2023-5853 MEDIUM

Google Chrome < 119.0.6045.105 - Security UI Spoofing via Crafted HTML Page

CVE-2023-5851 MEDIUM

Google Chrome < 119.0.6045.105 - Origin Validation Error in Downloads

CVE-2023-5718 MEDIUM

Vue.js Devtools - Unauthenticated Sensitive Data Exposure via postMessage API

CVE-2023-28795 HIGH

Zscaler Client Connector <1.3.1.6 - Code Injection

CVE-2023-44190 MEDIUM

Juniper Junos OS Evolved - Origin Validation Error in MAC Address Validation

CVE-2023-44189 MEDIUM

Juniper Junos OS Evolved MAC Address Validation Origin Error

CVE-2023-3654 CRITICAL

cashit! < 03.a06rks_2023.02.37 - Origin Validation Error via Host Header

CVE-2023-2848 HIGH

movim < 0.22 - Cross-Site WebSocket Hijacking via Missing Header Validation

CVE-2023-29505 MEDIUM

ManageEngine Network Configuration Manager 12.6.165 - Cross-site WebSocket Hijacking via WebSocket Endpoint

CVE-2023-4045 MEDIUM

Firefox < 116 - Origin Validation Error via Offscreen Canvas

CVE-2023-30949 MEDIUM

Palantir Slate < 6.207.0 - Origin Validation Error

CVE-2023-2850 MEDIUM

NodeBB < 2.8.13 and 3.0.0-3.1.3 - Cross-Site WebSocket Hijacking via Missing Origin Validation

CVE-2023-3581 MEDIUM

Mattermost 7.8.0-7.8.6 - WebSocket Origin Validation Bypass

CVE-2023-21260 MEDIUM

Android - Origin Validation Error via Notification Access Permission Dialog

CVE-2023-37210 MEDIUM

Firefox < 115.0 - Full-Screen Mode Spoofing via Alert and Prompt Calls

CVE-2023-32223 HIGH

D-Link DSL-224 Firmware 3.0.10 - Authenticated Command Execution

CVE-2023-32553 MEDIUM

Trend Micro Apex One < 14.0.12105 - Unauthenticated Sensitive Information Disclosure

Previous Page 12 of 23 Next

Details

Vulnerabilities 556

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy